Data Protection — News

Why GlobalSign Was Right to Suspend New Certificates

By Angela West | 09 September, 2011 10:20

When you work in computer security, reputation is everything. Certificate authentication authority (CA) GlobalSign on Monday suspended issuance of any new certificates pending the result of an investigation into a claim by a hacker that its security had been compromised. Their swift response maintains their reputation as a leading CA and positions them as an optimal choice for anyone looking for a CA for their business.

RSA spearphish attack may have hit US defense organizations

By Robert McMillan | 09 September, 2011 10:05

The hackers who broke into EMC's RSA Security division last March used the same attack code to try to break into several other companies, including two U.S. national security organizations, according to data provided by the VirusTotal website.

DigiNotar hacker threatens to expand spy attacks using stolen certificates

By Gregg Keizer | 09 September, 2011 06:29

The hacker with links to several breaches of SSL certificate-issuing networks this year admitted sharing stolen certificates with others in Iran, and threatened to extend future spy-style attacks to computer users in the U.S., Europe and Israel.

After digital certificate hack, Mozilla seeks reassurances

By Robert McMillan | 09 September, 2011 05:32

Following the high-profile hack of DigiNotar, the makers of the Firefox browser are asking issuers of digital certificates to take a hard look at their internal security and to report back in a week.

VMware, Symantec work up cloud-based single sign-on security services

By Ellen Messmer | 09 September, 2011 02:33

There's a thunderbolt of change coming in cloud-based identity management, with new possibilities for single sign-on (SSO) and provisioning through cloud-based services.

Blinded by the smartphone glitz: Is security on your must-have features list?

By Ira Winkler | 09 September, 2011 02:33

When my cell phone started acting strange last week, I decided it was a good time to get a new one. I had several features in mind that I felt were essential, and the only phone I could find that had all of them was a Droid. Against my better judgment, I said I would take it.

Manchester hospital loses patients’ personal data

By Anh Nguyen | 08 September, 2011 17:12

The Information Commissioner's Office (ICO) has found the University Hospital of South Manchester NHS Foundation Trust in breach of the Data Protection Act (DPA) after losing an unencrypted USB key containing patients' personal data.

Kaspersky sets sights on corporate market

By Stilgherrian | 08 September, 2011 16:21

Kaspersky Lab plans a significant push into the enterprise security market with its new Endpoint Security 8.0 and Security Center 9.0 products for Windows, according to senior executives addressing partners and media at a preview event in Kuala Lumpur today.

Windows Event Viewer phishing scam remains active

By Rodney Gedda | 10 August, 2009 11:12

What do you get when you combine malware, IP telephony and an offshore call centre? A new breed of brazen phishing scam designed to target unwary Windows users.

Competing for privacy in a social media world

By Andreas M. Antonopoulos | 08 September, 2011 08:48

For years, Facebook users have been clamoring for better privacy controls and clarity, while Facebook engineers oscillate between improvements and major privacy snafus. Every now and then a new wave of exasperated users cry out "That's it, I'm leaving". Up to now, users really didn't have anywhere to go after quitting, so they effectively quit the social media scene, self-ostracized (MySpace is equivalent to being exiled, perhaps worse). Now that they have somewhere else to go (Google+), Facebook is ramping up its privacy controls and seems to be taking privacy more seriously. Let the privacy competition begin!

Norton Internet Security 2012

By Preston Gralla | 08 September, 2011 02:09 | 2 Comments

Norton Internet Security (NIS) 2012 adds new features to the suite's toolkit, including those to enhance PC performance and make some basic use of the cloud; it also adds some tweaks to the interface. This is not a major overhaul, but the addition of new tools makes a useful piece of protection software even more valuable.

Cybercrime costs rival those of illegal drug trafficking

By Tim Greene | 08 September, 2011 07:33

Young males in emerging markets are the most likely to fall victim to cybercrime, whose total cost per year is approaching the scale of illegal drug trafficking worldwide, according to a study by the Norton division of Symantec.

Gmail Without Web Access, Too Much Security

By Rick Broida | 08 September, 2011 02:42

It's that time again--reader Q&A time, that is. This week I answer questions on getting to Gmail messages when you don't have Internet access and how much security software is too much.

Comodo Hacker taunt halts GlobalSign’s SSL certificates

By Liam Tung | 08 September, 2011 07:09

The world’s fifth largest issuer of SSL (secure sockets layer) certificates, Global Sign, has stopped issuing certificates following a claim that its systems were compromised.

Hackers flip characters to disguise malware

By Gregg Keizer | 08 September, 2011 06:40

Hackers are using a new trick to cloak malicious files by disguising their Windows file extensions to make them appear safe to download, a Czech security company warned today.

Senators push for changes in cybercrime law

By Grant Gross | 08 September, 2011 04:05

The main U.S. law targeting cybercrime may need to be changed because it has allowed law enforcement agencies to target people who simply violate websites' terms of service or their employers' computer use policies, two senators said Wednesday.

Wikileaks: Online infiltrators often take credit for terrorist attacks

By Gregg Keizer | 08 September, 2011 04:00

Analysts at an Israeli company that infiltrates online forums to identify terrorists often claim responsibility for attacks to bolster their credibility, according to a recently-leaked cable from the U.S. Department of State.

Weaknesses in Password Strength

By Charles Wale | 07 September, 2011 21:35

Password strength is always being discussed because it is difficult to balance password strength with usability. Typically, resetting passwords is the main reason to call the helpdesk, indicating that passwords are too complex and / or change too frequently. Can we make passwords less complex without compromising security?

Ten years after 9/11, cyberattacks pose national threat, committee says

By Jaikumar Vijayan | 07 September, 2011 20:08

Ten years after the terrorist attacks of Sept. 11, 2001, the nation faces a critical threat to its security from cyberattacks, a new report by a bipartisan think tank warns.

How Hacktivism Affects Us All

By Robert Vamosi | 07 September, 2011 20:01

In December 2010, a group of nearly 3000 activists under the name "Operation Payback" launched online attacks against PayPal, MasterCard, and Visa, briefly knocking the three financial services' sites offline and preventing consumers from accessing ATMs or online banking services. The activists retaliated against the three companies for severing ties with WikiLeaks, an online repository for whistleblower data that had recently included thousands of secret communications from the U.S. State Department and other world governmental agencies. Nine months later more than a dozen people--most between the ages of 19 and 24--were arrested in connection with these denial-of-service (DoS) attacks, even as new attacks were hitting corporate, military, and government sites worldwide.

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Sophos SafeGuard Enterprise

Your central key for data protection

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.